Firewall Wizards mailing list archives

Re: PIX 520 - Converting conduits to access-lists


From: "Miha Vitorovic" <miha () nil si>
Date: Wed, 23 Oct 2002 16:05:04 +0200

Hi,

If you're trying to access the server from the Internet, then the ACL to
handle that must be bound to interface outside. An ACL bound to interface DMZ
regulates what devices on the DMZ network can connect to.

If you don't have any outside ACL, just append your ACL to interface 
outside:

access-group DMZ_IN in interface outside

Otherwise append the appropriate rules to the outside ACL.

Have fun,
---
  Miha Vitorovic
  Inženir v tehničnem področju
  Customer Support Engineer

   NIL Data Communications,  Einspielerjeva 6,  1000 Ljubljana,  Slovenia
   Phone +386 1 4746 500      Fax +386 1 4746 501     http://www.NIL.si




access-list DMZ_IN permit tcp any host my.public.addy.here eq ftp (hitcnt=0)
access-list DMZ_IN permit tcp any host my.public.addy.here eq ftp-data (hitcnt=0)
access-list DMZ_IN permit udp any host my.public.addy.here eq domain (hitcnt=0)
access-list DMZ_IN permit tcp any host my.public.addy.here eq domain (hitcnt=0)

access-group DMZ_IN in interface DMZ



_______________________________________________
firewall-wizards mailing list
firewall-wizards () honor icsalabs com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
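
Added example, not part of the original message or of any Cisco tooling: a small Python audit that parses PIX access-list and access-group lines and flags permits that are bound inbound on the same interface the destination host sits behind, which is the situation described in the reply above. The address 192.0.2.10 stands in for the elided public address, and the HOST_SIDE inventory (server behind the DMZ interface) is an assumption.

```python
import re

# Constructed sample modelled on the thread's config; 192.0.2.10 replaces the
# elided public address and HOST_SIDE is an assumed inventory, not page data.
CONFIG = """\
access-list DMZ_IN permit tcp any host 192.0.2.10 eq ftp
access-list DMZ_IN permit tcp any host 192.0.2.10 eq ftp-data
access-list DMZ_IN permit udp any host 192.0.2.10 eq domain
access-list DMZ_IN permit tcp any host 192.0.2.10 eq domain
access-group DMZ_IN in interface DMZ
"""
HOST_SIDE = {"192.0.2.10": "DMZ"}  # interface each published host sits behind

# Only "any" / "host X" sources and "host X" destinations are handled here.
ACE = re.compile(r"^access-list\s+(\S+)\s+permit\s+(\S+)\s+(any|host\s+\S+)"
                 r"\s+host\s+(\S+)(?:\s+eq\s+(\S+))?")
GROUP = re.compile(r"^access-group\s+(\S+)\s+in\s+interface\s+(\S+)")

def parse(config):
    """Return (rules per ACL name, interface each ACL is bound to inbound)."""
    rules, bound = {}, {}
    for line in config.splitlines():
        line = line.strip()
        if m := ACE.match(line):
            name, proto, _src, dst, port = m.groups()
            rules.setdefault(name, []).append((proto, dst, port))
        elif m := GROUP.match(line):
            bound[m.group(1)] = m.group(2)
    return rules, bound

def audit(config, host_side):
    """Flag permits that are never evaluated or can never match."""
    rules, bound = parse(config)
    findings = []
    for name, entries in rules.items():
        iface = bound.get(name)
        for _proto, dst, port in entries:
            if iface is None:
                findings.append((name, dst, port, "ACL not bound to any interface"))
            elif host_side.get(dst) == iface:
                # Inbound ACLs filter traffic entering that interface, so a
                # permit towards a host behind it never sees Internet traffic.
                findings.append((name, dst, port,
                                 f"bound inbound on {iface}, where {dst} sits"))
    return findings

if __name__ == "__main__":
    for finding in audit(CONFIG, HOST_SIDE):
        print(*finding, sep=" | ")
```

Run against the sample, all four permits are flagged; rebinding the ACL with "access-group DMZ_IN in interface outside" clears them.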


